Security Risk Assessments Needed for More than MU
November 4, 2016
Written by Patty Kosednar
Hey all you meaningful users! As you all know, security risk assessments are a requirement for meeting meaningful use. However, the requirement for them and their importance is greater than just the MU program. Below is information from Susan Clarke, our Health Care Information Security and Privacy Practitioner:
“2016 is the biggest HIPAA enforcement Year for the Office for Civil Rights (OCR), with over $20 Million in settlements and growing. At the Safeguarding Health Information: Building Assurance through HIPAA Security in 2016 conference held in Washington, D.C. on October 19-20, incomplete or inaccurate risk analysis was discussed as a deficiency by OCR. Covered Entities and Business Associates need to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information. See 45 C.F.R.164.308(a)(1)(ii)(A).
Organizations frequently underestimate the proliferation of ePHI within their environments. When conducting a risk analysis, an organization must identify all of the ePHI created, maintained, received or transmitted by the organization.
In addition, conducting or reviewing a security risk analysis to meet the standards of HIPAA Security Rule is included in the meaningful use requirements of the Medicare and Medicaid EHR Incentive Programs. Eligible professionals must conduct or review a security risk analysis for each EHR reporting period to ensure the privacy and security of their patients’ protected health information. Click here for more information.”
Time is running out to have your security risk analysis completed in 2016, please contact HTS for more information on how we can help provide a SRA for your practice, hospital or nursing home.
Visit our website for more information on how we can assist you with your SRA.
Susan Clarke, Health Care Information Security and Privacy Practitioner
307.248.8179
If you have any questions at all, or run into issues with any of the meaningful use objectives and would like help please use the “Leave a Reply” section below, or email Patty Kosednar directly with your questions or comments.
Other Resource Links
Subscribe to the HTS Meaningful Use Blog
Subscribe
See a list of upcoming webinars
Check out any webinars you missed
Leave a Reply